maedoc/share-from-scratch.md

Created November 8, 2021 12:36

Star (0) You must be signed in to star a gist
Fork (0) You must be signed in to fork a gist

Learn more about clone URLs
Clone this repository at <script src="https://gist.github.com/maedoc/b93925b054ec49be3011d722b3ff5496.js"></script>
Save maedoc/b93925b054ec49be3011d722b3ff5496 to your computer and use it in GitHub Desktop.

Download ZIP

Internet sharing from scatch

Raw

share-from-scratch.md

Internet sharing from scratch on Linux

Something like

steps

Assuming eth0 is the interface which already has internet, and you want to share to eth1,

Install dnsmasq
enable ip forwarding sysctl -w net.ipv4.ip_forward=1
make a short dnsmasq.conf (example below)
give eth1 an IP, robust to link disconnects with (while true; do ip a add 10.11.0.1/24 dev eth1 &> /dev/null ; sleep 1; done) &
start dnsmasq, dnsmasq --log-async --keep-in-foreground -z -i eth1 -C dnsmasq.conf -p0 &
tell iptables to forward on interfaces and masquerade nat
- iptables -A FORWARD -i eth0 -j ACCEPT
- iptables -A FORWARD -i eth1 -j ACCEPT
- iptables -t nat -A POSTROUTING -o eth0 -j MASQUERADE
start a tcpdump tcpdump -i eth1

Now, plug/replug $stuff into eth1 and watch what happens. Tcpdump and dnsmasq should show you $stuff getting ip address, and the tcpdump should show traffic making its way in and out.

dnsmasq config

log-queries
log-dhcp
no-daemon
dhcp-broadcast
dhcp-range=10.11.0.2,10.11.0.10
dhcp-option=3,10.11.0.1
dhcp-option=6,1.1.1.1

Replace 1.1.1.1 with your favorite DNS server.